Upgrade fron 4.61.7 to 4.74.13-2
Glenn Steen
glenn.steen at gmail.com
Fri Jan 9 09:28:59 GMT 2009
2009/1/9 Dave Filchak <dave.filchak at senecac.on.ca>:
>
>
> Dave Filchak wrote:
>>
(snip)
> Just trying to track down permission errors. I get the following, running
> SALearn:
>
> SA Learn: error code 13 returned from sa-learn: bayes: cannot open bayes
> databases /etc/MailScanner/bayes/bayes_* R/O: tie failed: Permission denied
> bayes: expire_old_tokens: locker: safe_lock: cannot create lockfile
> /etc/MailScanner/bayes/bayes.mutex: Permission denied bayes: locker:
> safe_lock: cannot create lockfile /etc/MailScanner/bayes/bayes.mutex:
> Permission denied Learned tokens from 0 message(s) (1 message(s) examined)
>
Your apache user (presumably "webadmin" does not have write access to
your bayes files. Hence the error.
> Here are my bayes settings (inside of the bayes folder)
> drwxrwxr-x 3 root webadmin 4096 Jul 18 2007 .
> drwxr-xr-x 9 root root 4096 Jan 8 20:15 ..
> --w--w-r-- 1 postfix postfix 18 Jan 8 02:23 bayes.mutex
> -rw-rw---- 1 postfix postfix 327680 Jan 8 02:23 bayes_seen
> -rw-rw---- 1 postfix postfix 5210112 Jan 8 02:23 bayes_toks
> drwxr-xr-x 2 root root 4096 Jul 18 2007 poisoned
>
All the above files should be owned by postfix.webadmin ... so first do
chown postfix.webadmin /path/to/bayes/*
... where /path/to/bayes is likely /etc/MailScanner/bayes
> However, the bayes folder itself is:drwxrwxr-x 3 root webadmin 4096 Jul
> 18 2007 bayes
The above is wrong too... You need set at least the GUID bit, so that
created files are owned by webadmin... Do
chmod g+s /path/to/bayes
and you should be fine with that.
>
> I should also note the following ownership settings in MailScanner.conf:
>
> Run As User = postfix
> Run As Group = postfix
> Incoming Work Group = clamav
> Incoming Work Permissions = 0640
> Quarantine Group = webadmin
> Quarantine Permissions = 0660
Looks fine.
>
> I believe that webadmin is there because of MailWatch as webadmin is what
> apache runs as
Yep:)
>
> Dave
>
Cheers
--
-- Glenn
email: glenn < dot > steen < at > gmail < dot > com
work: glenn < dot > steen < at > ap1 < dot > se
More information about the MailScanner
mailing list